Lucene search

51 matches found

Rockylinux
added 2022/09/20 11:36 a.m. | 35 views

ruby security, bug fix, and enhancement update

An update is available for ruby. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Ruby is an extensible, interpreted, object-oriented, scripting language. It has...

CVSS 9.8 | AI score 8 | EPSS 0.04127
Exploits: 0

Oracle linux
added 2022/09/15 12:0 a.m. | 346 views

ruby:3.0 security, bug fix, and enhancement update

ruby 3.0.4-141 - Upgrade to Ruby 3.0.4. Resolves: rhbz2109431 Resolves: rhbz2110981 - Fix double free in Regexp compilation. Resolves: CVE-2022-28738 - Fix buffer overrun in String-to-Float conversion. Resolves: CVE-2022-28739...

CVSS 9.8 | AI score 2.5 | EPSS 0.04127
Exploits: 2

RedHat Linux
added 2022/09/13 9:57 a.m. | 4 views

ruby: Buffer overrun in String-to-Float conversion

A buffer overrun vulnerability was found in Ruby. The issue occurs in a conversion algorithm from a String to a Float that causes process termination due to a segmentation fault, but under limited circumstances. This flaw may cause an illegal memory read...

CVSS 7.5 | AI score 7.4 | EPSS 0.04127
Exploits: 0 | References: 5

RedHat Linux
added 2022/09/13 9:49 a.m. | 6 views

ruby: Buffer overrun in String-to-Float conversion

A buffer overrun vulnerability was found in Ruby. The issue occurs in a conversion algorithm from a String to a Float that causes process termination due to a segmentation fault, but under limited circumstances. This flaw may cause an illegal memory read...

CVSS 7.5 | AI score 7.4 | EPSS 0.04127
Exploits: 0 | References: 5

Tenable Nessus
added 2022/09/13 12:0 a.m. | 267 views

RHEL 8 : ruby:3.0 (RHSA-2022:6450)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6450 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

CVSS 9.8 | AI score 7.3 | EPSS 0.04127
Exploits: 2 | References: 13

Tenable Nessus
added 2022/09/13 12:0 a.m. | 47 views

RHEL 8 : ruby:2.7 (RHSA-2022:6447)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6447 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

CVSS 7.5 | AI score 7.3 | EPSS 0.04127
Exploits: 2 | References: 10

OpenVAS
added 2022/08/18 12:0 a.m. | 20 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2022-2248)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7.5 | AI score 8.4 | EPSS 0.04127
Exploits: 0 | References: 2

Tenable Nessus
added 2022/08/17 12:0 a.m. | 32 views

EulerOS 2.0 SP10 : ruby (EulerOS-SA-2022-2248)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float...

CVSS 7.5 | AI score 7.6 | EPSS 0.04127
Exploits: 0 | References: 2

Tenable Nessus
added 2022/07/11 12:0 a.m. | 31 views

CentOS 8 : ruby:2.6 (CESA-2022:5338)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:5338 advisory. - Ruby: Buffer overrun in String-to-Float conversion (CVE-2022-28739) Note that Nessus has not tested for this issue but has instead relied only on the...

CVSS 7.5 | AI score 7.2 | EPSS 0.04127
Exploits: 0 | References: 2

RedHat Linux
added 2022/06/30 9:1 p.m. | 4 views

ruby: Buffer overrun in String-to-Float conversion

A buffer overrun vulnerability was found in Ruby. The issue occurs in a conversion algorithm from a String to a Float that causes process termination due to a segmentation fault, but under limited circumstances. This flaw may cause an illegal memory read...

CVSS 7.5 | AI score 7.4 | EPSS 0.04127
Exploits: 0 | References: 5

RedHat Linux
added 2022/06/30 9:1 p.m. | 46 views

Moderate: Red Hat Security Advisory: ruby:2.6 security, bug fix, and enhancement update

An update for the ruby:2.6 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 7.5 | AI score 6.7 | EPSS 0.04127
Exploits: 0 | References: 3

OSV
added 2022/06/10 11:3 a.m. | 5 views

OESA-2022-1700 ruby security update

Ruby is a fast and easy interpreted scripting language for object-oriented programming. It has many functions for processing text files and performing system management tasks (as in Perl). Security Fixes: There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and...

CVSS 9.8 | AI score 6.8 | EPSS 0.04127
Exploits: 0 | References: 3

Tenable Nessus
added 2022/06/07 12:0 a.m. | 40 views

Ubuntu 16.04 ESM : Ruby vulnerability (USN-5462-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5462-2 advisory. USN-5462-1 fixed several vulnerabilities in Ruby. This update provides the corresponding CVE-2022-28739 update for ruby2.3 on Ubuntu 16.04 ESM. Tenable has...

CVSS 7.5 | AI score 7.2 | EPSS 0.04127
Exploits: 0 | References: 2

BDU FSTEC
added 2022/05/23 12:0 a.m. | 4 views

The vulnerability of the “String to CSV conversion” algorithm in the Kernel#Float and String#to_f methods of the Ruby language interpreter allows an attacker to cause a service failure.

The vulnerability of the String#to_f and Kernel#Float methods in the Ruby language interpreter involves operations that go beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 7.5 | AI score 6.8 | EPSS 0.04127
Exploits: 0 | References: 13 | Affected Software: 6

Microsoft CVE
added 2022/05/20 7:0 a.m. | 3 views

There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f.

...

CVSS 7.5 | AI score 7.3 | EPSS 0.04127
Exploits: 0

OSV
added 2022/05/09 6:15 p.m. | 60 views

CVE-2022-28739

There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f...

CVSS 7.5 | AI score 3.7 | EPSS 0.04127
Exploits: 0 | References: 15

OSV
added 2022/05/09 6:15 p.m. | 1 views

ALPINE-CVE-2022-28739

There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f...

CVSS 7.5 | AI score 7.2 | EPSS 0.04127
Exploits: 0 | References: 1

OSV
added 2022/05/09 6:15 p.m. | 1 views

DEBIAN-CVE-2022-28739

There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f...

CVSS 7.5 | AI score 7 | EPSS 0.04127
Exploits: 0 | References: 1

UbuntuCve
added 2022/05/09 6:15 p.m. | 32 views

CVE-2022-28739

There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f...

CVSS 7.5 | AI score 7 | EPSS 0.04127
Exploits: 0 | References: 9

OSV
added 2022/05/09 6:15 p.m. | 1 views

UBUNTU-CVE-2022-28739

There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f...

CVSS 7.5 | AI score 7 | EPSS 0.04127
Exploits: 0 | References: 10